Wrong user for App Token if created through impersonation #15539
Description
Steps to reproduce
- Login as Admin and impoersonate a User
- Go to his Security settings and add an App Token
- The new Created App-Token is created for the original user ("root" in my case)
Expected behaviour
The impersonated User should be the owner/target of the new created App-Token
Actual behaviour
The original user is the owner of the new Token
Server configuration
Operating system:
Ubuntu 18.04
Web server:
Apache 2.4.29
Database:
MySQL 5.7.26
PHP version:
PHP 7.2.17-0ubuntu0.18.04.1
Nextcloud version: (see Nextcloud admin page)
16.0.0
Updated from an older Nextcloud/ownCloud or fresh install:
Upgrade from 15
Where did you install Nextcloud from:
Signing status:
Signing status
No errors have been found.
List of activated apps:
App list
Enabled:
- accessibility: 1.2.0
- activity: 2.9.1
- admin_audit: 1.6.0
- bookmarks: 1.0.3
- calendar: 1.7.0
- cloud_federation_api: 0.2.0
- comments: 1.6.0
- contacts: 3.1.1
- dav: 1.9.2
- encryption: 2.4.0
- federatedfilesharing: 1.6.0
- federation: 1.6.0
- files: 1.11.0
- files_accesscontrol: 1.6.0
- files_downloadactivity: 1.5.0
- files_external: 1.7.0
- files_fulltextsearch: 1.3.0
- files_pdfviewer: 1.5.0
- files_retention: 1.5.1
- files_rightclick: 0.13.0
- files_sharing: 1.8.0
- files_texteditor: 2.8.0
- files_trashbin: 1.6.0
- files_versions: 1.9.0
- files_videoplayer: 1.5.0
- firstrunwizard: 2.5.0
- gallery: 18.3.0
- groupfolders: 4.0.0
- impersonate: 1.3.0
- logreader: 2.1.0
- lookup_server_connector: 1.4.0
- nextcloud_announcements: 1.5.0
- notifications: 2.4.1
- oauth2: 1.4.2
- password_policy: 1.6.0
- privacy: 1.0.0
- provisioning_api: 1.6.0
- quota_warning: 1.5.0
- recommendations: 0.4.0
- serverinfo: 1.6.0
- sharebymail: 1.6.0
- support: 1.0.0
- survey_client: 1.4.0
- systemtags: 1.6.0
- theming: 1.7.0
- theming_customcss: 1.3.0
- twofactor_backupcodes: 1.5.0
- twofactor_totp: 2.1.2
- updatenotification: 1.6.0
- user_ldap: 1.6.0
- viewer: 1.0.0
- workflowengine: 1.6.0
Disabled:
- end_to_end_encryption
- fulltextsearch
- fulltextsearch_elasticsearch
- tasks
- twofactor_rcdevsopenotp
- w2g2
Nextcloud configuration:
Config report
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"cloud.url.com"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"overwrite.cli.url": "https:\/\/cloud.url.com",
"htaccess.RewriteBase": "\/",
"dbtype": "mysql",
"version": "16.0.0.9",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "LOGIN",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtpsecure": "tls",
"mail_smtpauth": 1,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"maintenance": false,
"theme": "",
"loglevel": 2,
"session_lifetime": 1800,
"memcache.local": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379
},
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
"updater.release.channel": "stable"
}
}
Are you using external storage, if yes which one: local/smb/sftp/...
no
Are you using encryption: yes/no
no
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
no
Client configuration
Browser:
Chrome 74
Operating system:
Windows